Past Issues

BuckleySandler LLP’s InfoBytes Blog monitors and reports on news, legal developments and legislative actions affecting the financial services industry. With a focus on issues ranging from fair lending to consumer financial services regulation and the CFPB, InfoBytes Blog is a comprehensive and timely source for in-house counsel and industry executives to stay abreast of developments affecting their industry.

In an order dated November 15, the FCC’s Consumer and Governmental Affairs Bureau denied a petition by the Mortgage Bankers Association (MBA) that sought an exemption from the FCC’s prior express consent requirement for non-telemarketing residential mortgage servicing auto-dialer calls to wireless numbers. In its order, the Bureau concluded that MBA had failed to show (1) that the calls in question would be free of charge to consumers; and (2) that the parties seeking relief should be able to send non-time-sensitive calls to consumers without their consent.

Among other things, the Order explained that the Telephone Consumer Protection Act (TCPA) “reflects Congress’ recognition of the potential costs and privacy risks imposed on wireless consumers from the use of auto-dialer equipment, which can generate large numbers of unwanted calls” and accordingly, the FCC has generally attempted to balance and accommodate the legitimate business interests of callers in addition to recognized consumer privacy interests.

In an official FCC blog post published November 21, FCC Enforcement Chief Travis LeBlanc re-emphasized the agency’s efforts to work with international law enforcement partners to target fraudsters who might otherwise be outside the FCC’s reach. As explained by Mr. LeBlanc:

“Unsolicited calls and text messages are more than just a nuisance these days. They are used to perpetrate criminal fraud, phishing attacks, and identity theft schemes all around the world. These calls often overwhelm facilities, including emergency or 911 call centers. Those responsible for sending unwanted calls and texts often operate from outside of the United States, too often allowing them to evade our enforcement. Indeed, it is very easy for these scammers to operate from multiple countries, hide their locations, change their phone numbers between calls, trick caller ID systems into displaying false or trusted numbers, increasingly demand payments in hard-to-trace forms such as cash or gift cards, and move quickly to avoid detection and prosecution in our increasingly mobile world.”

Earlier this year, the FCC signed a memorandum of understanding with members of the “Unsolicited Communications Enforcement Network,” a global network of law enforcement authorities and regulatory agencies that have agreed to share intelligence, identify common threats, learn from each other’s best practices and assist each other with investigations where permissible to combat unsolicited communications.

On October 27, the FCC adopted privacy rules regulating consumers’ use of broadband internet services. As previously covered in InfoBytes, the FCC issued revised proposed privacy rules for broadband internet service providers (ISPs) in early October to provide consumers with “increased choice, transparency and security online.” Like the proposed rules, the adopted rules (i) require ISPs to obtain confirmative consent to use and share sensitive information; and (ii) permit ISPs to share non-sensitive information unless a customer opts-out.

Because the scope of the rules is limited to broadband service providers and other telecommunication carriers, the FTC maintains its authority over the privacy practices of websites and other “edge services.” In support of the newly adopted FCC rules, FTC Chairwoman commented that “[t]he rules will provide robust privacy protections, including protecting sensitive information such as consumers’ social security numbers, precise geolocation data, and content of communications, and requiring reasonable data security practices.”

On October 6, the FCC issued a fact sheet on revised privacy rules related to broadband internet services. According to the fact sheet, the proposed rules “are designed to evolve with changing technologies and encourage innovation, and are in harmony with other key privacy frameworks and principles – including those outlined by the [FTC] and the Administration’s Consumer Privacy Bill of Rights.” The FCC first issued a set of privacy rules concerning consumer rights in relation to broadband internet service providers (ISPs) in March. In Chairman Tom Wheeler’s October 6 blog post regarding the recent revisions, he noted that the revised proposal “provide[s] consumers increased choice, transparency and security online.” The proposed rules, among other things, would require ISPs to (i) let consumers know the type of information they are collecting, specify how and the extent to which the information can be used and shared, and identify with whom the information is shared; (ii) obtain consumers’ opt-in consent to use sensitive information, including, among other things, geo-location, social security numbers, and web browsing history; and (iii) provide an opt-out option, consistent with customer expectations, for the use and sharing of non-sensitive information. Notably, the proposed rules “do not apply to the privacy practices of websites or apps, over which the [FTC] has authority…even when a website or app is owned by a broadband provider.” The Commission is scheduled to vote on the proposal on October 27.

On June 6, the FTC submitted a comment to the FCC on its Notice of Proposed Rulemaking (NPR) regarding the implementation of recent changes to provisions of the Telephone Consumer Protection Act (TCPA) that permit robocalls “made solely to collect a debt owed or guaranteed by the United States.” Recommending that the FCC proceed cautiously with the expansion of permissible robocalling, the FTC instructed the FCC to establish standards for the collection of government debt that are consistent with the FDCPA, Section 5 of the FTC Act, and the Telemarketing Sales Rule (TSR). Specifically, the FTC’s comment advises the FCC to limit permitted robocalls to only (i) those relating to debts in default status; (ii) persons who actually owe the debts; (iii) those relating to the collection of the government debt; and (iv) collection purposes exclusively. In addition, the FTC’s comment on the NPR suggests that the FCC (i) maintain reasonable security practices over the data collected during covered robocalls; (ii) limit robocalls to the hours of 8:00 am to 9:00 pm; and (iii) require covered callers to “transmit caller ID information that includes a caller number that connects to a live agent representing the debt collector.”